Skip to main content

Atlassian Jira integration

Keep your development team in the loop by exporting security weaknesses to Jira

Updated over 2 weeks ago

Jira, Atlassian's hugely popular issue-tracking software, allows developers to collaborate on development tasks. Developers spend a lot of their time in Jira, so it's a good place to catch their attention when you want something like a security issue fixed.

⚠️ Warning:

  1. We only recommend connecting using an "integration user" (a user that has the minimum permissions, only to be used for the Jira -> Intruder integration)

  2. Our current integration does not support scoped API tokens.

Connect your Jira instance to IntruderΒ 

  1. To connect Intruder to your Atlassian Jira account, go to the Integrations Page in the Intruder portal and press the Add button on the Jira tab.


    2. Enter the site URL of your Jira instance (*.atlassian.net or *.jira.com), then enter the email address and API token of a Jira user with appropriate permissions. See the Atlassian docs for more information on how to generate an API token.

    3. Then click 'Connect' and you're done! πŸŽ‰

🚨 Please note that Unassigned Issues must be enabled in your Jira instance for the integration to work.

Manually export issues to Jira

  1. To manually export an Intruder issue to Jira, go to the Issues page, select the issue, and click Actions and then click Send to Jira:
    ​
    ​

  2. Select the Jira project you want to export the issue to, then pick the Jira issue type. Click Submit, and that issue will be exported to your Jira project.
    ​
    ​

🚨 Both custom issue types and default issue types have to include the β€œsummary” and β€œdescription” fields. All other fields must be non-mandatory. Any deviation from these instructions will cause the integration to fail. ​

Automatically create Jira issues for any new security weaknesses

To automatically create Jira issues, head to 'Integrations > Jira Settings'. Then, in the 'Vulnerability Issues' section, select the project, issue type, and severity of the issues you want to export:

In the 'Certificate Expiry Issues' section, you have the option to create issues in Jira for any certificate expiry issues, such as when an SSL Certificate has less than 21 days until expiry. If you want to enable these alerts, specify a project and issue type, and check the auto-create issues box:

Note: If you're using the Jira on-premise solution, we recommend you segment it from the Internet using a Firewall but allow inbound traffic from the Intruder portal (portal.intruder.io or 35.189.67.245) in order for the exports to work.

How the issue is displayed

...within Intruder

Once an issue has been sent to Jira, you’ll see Jira ticket references in two places:

  • By hovering over the Jira logo next to the issue title

  • Under the Remediation section within the issue details panel

Clicking these links will take you directly to the corresponding ticket in your Jira project.

...within Jira

After export, the issue is added to your Jira backlog. The ticket includes:

  • A clear description of the issue

  • Remediation guidance

  • A list of affected occurrences

  • A .txt attachment containing the raw scanner output

This helps your team locate, assess, and address the vulnerability efficiently.

Note: Jira integration is currently only available for customers on our Cloud, Pro, Enterprise, and Vanguard plans.

Related Articles
ServiceNow integration
GitHub integration
GitLab integration
Azure DevOps integration
Did this answer your question?